Re: [HACKERS] Moving tablespaces

On Tue, Dec 6, 2011 at 17:07, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Magnus Hagander <magnus(at)hagander(dot)net> writes:
>> There is some nice precedent in the CREATE TABLESPACE command (though
>> dependent on HAVE_SYMLINK and not HAVE_READLINK), so I'm just going to
>> copy the error message from there.
>
> Fair enough.
>
> Looking at the existing readlink use in port/exec.c, it strikes me that
> another thing you'd better do is include a check for buffer overrun,
> ie the test needs to be more like
>
>                rllen = readlink(fname, link_buf, sizeof(link_buf));
>                if (rllen < 0 || rllen >= sizeof(link_buf))
>                        ... fail ...

Seems reasonable, yeah. I'll go put a similar check in the
basebackup.c file as well when I'm done here.

> Also, you're assuming that the result is already null-terminated,
> which is incorrect.

No, I'm not - I'm MemSet()ing the whole buffer to 0 before I start.
But I'll change that to work the same way as the on in port/exec.c,
for consistency.

--
 Magnus Hagander
 Me: http://www.hagander.net/
 Work: http://www.redpill-linpro.com/